First published: Fri Mar 10 2023
HashiCorp Vault and Vault Enterprise's AppRole auth method allowed any authenticated user with access to an AppRole destroy endpoint to destroy the secret ID of any other role by supplying that secret ID's accessor: the endpoint did not verify that the secret ID belonged to the role named in the request. This vulnerability is fixed in Vault 1.13.0, 1.12.4, 1.11.8, 1.10.11 and above.
Credit: security@hashicorp.com
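The Go snippet below is an added illustration for this page, not Vault's source code or HashiCorp's actual patch. It models a tiny in-memory secret-ID store with a destroy routine in two forms: one that ignores which role the accessor belongs to (the behaviour the advisory describes) and one that refuses when the accessor was issued to a different role. Every name in it (Store, DestroyChecked, the role names and accessor strings) is constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
)

// Errors returned by the destroy routines below. The distinct ErrWrongRole
// value is what an audit consumer would look for to spot cross-role attempts.
var (
	ErrUnknownAccessor = errors.New("unknown secret ID accessor")
	ErrWrongRole       = errors.New("secret ID accessor does not belong to this role")
)

// secretID is the stored record for one issued secret ID (constructed model,
// not Vault's storage layout).
type secretID struct {
	Role     string // role that issued this secret ID
	Accessor string // opaque handle used for lookup and destroy requests
}

// Store keeps issued secret IDs keyed by accessor.
type Store struct {
	byAccessor map[string]secretID
}

// NewStore returns an empty store.
func NewStore() *Store {
	return &Store{byAccessor: map[string]secretID{}}
}

// Issue records a new secret ID for role under the given accessor.
func (s *Store) Issue(role, accessor string) {
	s.byAccessor[accessor] = secretID{Role: role, Accessor: accessor}
}

// Exists reports whether a secret ID with this accessor is still valid.
func (s *Store) Exists(accessor string) bool {
	_, ok := s.byAccessor[accessor]
	return ok
}

// DestroyUnchecked models the behaviour the advisory describes: the role named
// in the request path is never compared with the role that owns the accessor,
// so a caller permitted to destroy secret IDs of one role can remove a secret
// ID issued to any other role.
func (s *Store) DestroyUnchecked(requestRole, accessor string) error {
	_ = requestRole // the request path's role is ignored; that is the defect
	if _, ok := s.byAccessor[accessor]; !ok {
		return ErrUnknownAccessor
	}
	delete(s.byAccessor, accessor)
	return nil
}

// DestroyChecked is the hardened form: resolve the accessor first and only
// delete when the owning role matches the role in the request path.
func (s *Store) DestroyChecked(requestRole, accessor string) error {
	rec, ok := s.byAccessor[accessor]
	if !ok {
		return ErrUnknownAccessor
	}
	if rec.Role != requestRole {
		return ErrWrongRole
	}
	delete(s.byAccessor, accessor)
	return nil
}

func main() {
	s := NewStore()
	s.Issue("billing", "acc-billing-1") // constructed sample data
	s.Issue("ci-runner", "acc-ci-1")

	// A caller acting on the ci-runner role names billing's accessor.
	err := s.DestroyUnchecked("ci-runner", "acc-billing-1")
	fmt.Printf("unchecked: err=%v, billing secret ID still valid=%v\n", err, s.Exists("acc-billing-1"))

	s.Issue("billing", "acc-billing-1") // reissue for the second run
	err = s.DestroyChecked("ci-runner", "acc-billing-1")
	fmt.Printf("checked:   err=%v, billing secret ID still valid=%v\n", err, s.Exists("acc-billing-1"))
}
```

The design point is that the accessor must be resolved and its owner compared with the role in the request path before any deletion happens; returning a dedicated error rather than a generic not-found makes the refused cross-role attempts visible in audit logs.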
Affected Software | Affected Version | How to fix |
---|---|---|
HashiCorp Vault | <1.10.11 | Upgrade to 1.10.11 or later |
HashiCorp Vault | >=1.11.0, <1.11.8 | Upgrade to 1.11.8 or later |
HashiCorp Vault | >=1.12.0, <1.12.4 | Upgrade to 1.12.4 or later |
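To turn the ranges above into an inventory check, here is an added Go example (written for this page, not a HashiCorp tool) that parses a Vault version string, decides whether it falls inside one of the affected ranges, and names the first fixed release on that branch. The parser, the `Affected` function and the handling of the `+ent` suffix carried by Enterprise builds are assumptions of this example; the range boundaries are the ones in the table.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Affected ranges for CVE-2023-24999, from the advisory table: every release
// before 1.10.11, 1.11.0 up to but not including 1.11.8, and 1.12.0 up to but
// not including 1.12.4. Releases from 1.13.0 on contain the fix.

type version struct{ major, minor, patch int }

// parseVersion accepts "1.12.3", "v1.12.3" and "1.12.3+ent" (build metadata
// after "+" is dropped); anything that is not MAJOR.MINOR.PATCH is rejected.
func parseVersion(s string) (version, error) {
	s = strings.TrimPrefix(strings.TrimSpace(s), "v")
	if i := strings.IndexByte(s, '+'); i >= 0 {
		s = s[:i]
	}
	parts := strings.Split(s, ".")
	if len(parts) != 3 {
		return version{}, fmt.Errorf("version %q is not MAJOR.MINOR.PATCH", s)
	}
	var nums [3]int
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil || n < 0 {
			return version{}, fmt.Errorf("version %q has a non-numeric component %q", s, p)
		}
		nums[i] = n
	}
	return version{nums[0], nums[1], nums[2]}, nil
}

// less reports whether a sorts before b.
func (a version) less(b version) bool {
	if a.major != b.major {
		return a.major < b.major
	}
	if a.minor != b.minor {
		return a.minor < b.minor
	}
	return a.patch < b.patch
}

// fixRelease maps a version to the first release on its branch that carries
// the fix. Branches older than 1.10 have no fixed release of their own, so
// the table's advice for them is 1.10.11 or later.
func fixRelease(v version) version {
	switch {
	case v.major > 1 || (v.major == 1 && v.minor >= 13):
		return version{1, 13, 0}
	case v.major == 1 && v.minor == 12:
		return version{1, 12, 4}
	case v.major == 1 && v.minor == 11:
		return version{1, 11, 8}
	default:
		return version{1, 10, 11}
	}
}

// Affected reports whether the version string lies inside an affected range
// and, if so, the fixed release to upgrade to.
func Affected(s string) (affected bool, fixed string, err error) {
	v, err := parseVersion(s)
	if err != nil {
		return false, "", err
	}
	fix := fixRelease(v)
	if v.less(fix) {
		return true, fmt.Sprintf("%d.%d.%d", fix.major, fix.minor, fix.patch), nil
	}
	return false, "", nil
}

func main() {
	// Constructed sample inventory, not real hosts.
	for _, v := range []string{"1.10.10", "1.11.7+ent", "v1.12.3", "1.12.4", "1.13.0"} {
		affected, fix, err := Affected(v)
		if err != nil {
			fmt.Println(v, "->", err)
			continue
		}
		if affected {
			fmt.Printf("%-12s affected, upgrade to %s or later\n", v, fix)
		} else {
			fmt.Printf("%-12s not affected\n", v)
		}
	}
}
```

Pre-release strings such as `1.12.4-rc1` are deliberately rejected rather than treated as the release they precede, so a candidate build never reads as fixed.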
CVE-2023-24999 is a vulnerability in HashiCorp Vault that allows an authenticated user with access to an AppRole destroy endpoint to destroy the secret ID of any other role.
CVE-2023-24999 has a severity rating of 8.1, which is considered high.
CVE-2023-24999 affects the AppRole auth method in HashiCorp Vault and Vault Enterprise.
To fix CVE-2023-24999, update your version of Vault to 1.13.0, 1.12.4, 1.11.8, 1.10.11 or above.
You can find more information about CVE-2023-24999 at the following references: [Hashicorp Discuss](https://discuss.hashicorp.com/t/hcsec-2023-07-vault-fails-to-verify-if-approle-secretid-belongs-to-role-during-a-destroy-operation/51305), [Red Hat Errata](https://access.redhat.com/errata/RHSA-2023:3742), [Red Hat Security Advisory](https://access.redhat.com/security/cve/cve-2023-24999).